From owner-freebsd-security@FreeBSD.ORG Mon Jul 14 01:35:38 2008 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 40B19106566C; Mon, 14 Jul 2008 01:35:38 +0000 (UTC) (envelope-from scheidell@secnap.net) Received: from fl.us.spammertrap.net (fl.us.spammertrap.net [204.89.241.173]) by mx1.freebsd.org (Postfix) with ESMTP id 0DF338FC17; Mon, 14 Jul 2008 01:35:37 +0000 (UTC) (envelope-from scheidell@secnap.net) Received: from localhost (localhost [127.0.0.1]) by fl.us.spammertrap.net (Postfix) with ESMTP id 3155AE604F; Sun, 13 Jul 2008 21:13:38 -0400 (EDT) X-Quarantine-ID: X-Virus-Scanned: SpammerTrap(r) SME-250 1.81 at secnap.com X-Amavis-Modified: Mail body modified (using disclaimer) by fl.us.spammertrap.net Received: from secnap3.secnap.com (secnap3.secnap.com [204.89.241.130]) by fl.us.spammertrap.net (Postfix) with ESMTP id 867D5E6040; Sun, 13 Jul 2008 21:13:37 -0400 (EDT) Received: from 75.201.67.194 ([75.201.67.194]) by secnap3.secnap.com ([10.70.1.13]) with Microsoft Exchange Server HTTP-DAV ; Mon, 14 Jul 2008 01:13:37 +0000 User-Agent: Microsoft-Entourage/12.11.0.080522 Date: Sun, 13 Jul 2008 21:13:47 -0400 From: Michael Scheidell To: Mark Andrews , Message-ID: Thread-Topic: FreeBSD Security Advisory FreeBSD-SA-08:06.bind Thread-Index: AcjlTt22WXx87yCch0qJcMUUDjTESg== In-Reply-To: <200807140029.m6E0TaRg059266@drugs.dv.isc.org> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Cc: FreeBSD Security Advisories Subject: Re: FreeBSD Security Advisory FreeBSD-SA-08:06.bind X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2008 01:35:38 -0000 NOTE WELL: If a port number is specified via the query-source or query-source-v6 options to BIND, randomized port selection will not be used. Consequently it is strongly recommended that these options not be used to specify fixed port numbers -- Michael Scheidell, CTO >|SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBSD SpamAssassin Ports maintainer > From: Mark Andrews > Date: Mon, 14 Jul 2008 10:29:36 +1000 > To: > Cc: FreeBSD Security Advisories > Subject: Re: FreeBSD Security Advisory FreeBSD-SA-08:06.bind > > > There was no mention of checking named.conf to ensure that > a port was not specified in the query-source clauses. Just > upgrading will not fix the problem it if named.conf has > > "query-source port 53". > > Mark > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com _________________________________________________________________________